b78ea5b397495b2a255fa725bf97833a27fcbbb45920cc8d75d1800a5ed418cc

Analysis

max time kernel
152s
max time network
158s
platform
ubuntu-18.04_amd64
resource
ubuntu1804-amd64-20231215-en
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-20231215-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
20/12/2023, 02:47

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

7e7e353e4c34f3e058329a438daa884b
Size

50KB
MD5

7e7e353e4c34f3e058329a438daa884b
SHA1

5012b310f20b63f7089c2e4ae3f41392df984b06
SHA256

b78ea5b397495b2a255fa725bf97833a27fcbbb45920cc8d75d1800a5ed418cc
SHA512

a9e19774e6ab9a23b122aba258272a8f51ebc377aa58b93613163a429e979534ff5cb175571ffd4c1d27148d9a8cc31776f25c804605698de626c8014dc9cfcc
SSDEEP

768:By52wiEqMMtMlLWo4OIIZwNV1YeTNtLpaL9m2oSQxPnPkEM3ITOVUL3:BoAMVLWomIZwzZJ+k3SMfPLM3IiV83

Score

9^/10

discovery

Malware Config

Signatures

Contacts a large (197151) amount of remote hosts 1 TTPs
This may indicate a network scan to discover remotely running services.
discovery

Network Service Discovery
T1046
Creates a large amount of network flows 1 TTPs
This may indicate a network scan to discover remotely running services.
discovery

Network Service Discovery
T1046

Modifies Watchdog functionality 1 TTPs 2 IoCs

Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

Impair Defenses

T1562

description	ioc
File opened for modification	/dev/watchdog
File opened for modification	/dev/misc/watchdog

Writes file to system bin folder 1 TTPs 1 IoCs

Hijack Execution Flow

T1574

description	ioc
File opened for modification	/sbin/watchdog

/tmp/7e7e353e4c34f3e058329a438daa884b
/tmp/7e7e353e4c34f3e058329a438daa884b
1⤵
PID:1535

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Hijack Execution Flow

T1574

Privilege Escalation

Hijack Execution Flow

T1574

Defense Evasion

Hijack Execution Flow

T1574

Impair Defenses

T1562

Credential Access

Discovery

Network Service Discovery

T1046

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads